ID
VAR-201612-0653
TITLE
D-Link '/improtexport.php' Multiple Series Products Have Arbitrary File Write Vulnerabilities
Trust: 0.6
DESCRIPTION
The D-LinkDAR-8000-X series and DAR-7000-x series of online behavior auditing gateways provide a comprehensive Internet access behavior management solution to fully protect enterprise operational efficiency and information security. There are arbitrary file write vulnerabilities in D-Link multiple series products. The file in question is /improtexport.php, which can cause arbitrary file writes due to failure of the system to validate user input, resulting in a getshell vulnerability. (where x different represents different products)
Trust: 0.6
IOT TAXONOMY
| category: | ['IoT', 'Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | d link | model: | dar-7000 | scope: | eq | version: | x | Trust: 0.6 |
| vendor: | d link | model: | dar-8000 | scope: | eq | version: | x | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2016-07459 | Trust: 0.6 |
REFERENCES
| url: | http://loudong.360.cn/vul/info/id/174029 | Trust: 0.6 |
| url: | https://butian.360.cn/vul/info/qid/qtva-2016-522092 | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2016-07459 |
LAST UPDATE DATE
2022-05-04T10:16:21.777000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2016-07459 | date: | 2016-09-13T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2016-07459 | date: | 2016-12-07T00:00:00 |